Just a couple of days after Chinese censorship monitoring group GreatFire.org reported that China was secretly collecting data from users of Apple's iCloud storage service, the company has acknowledged that it is aware of the attacks.
"We’re aware of intermittent organized network attacks using insecure certificates to obtain user information, and we take this very seriously", the company said, adding that the attacks neither compromise iCloud servers nor impact iCloud sign in on iOS devices or Macs running OS X Yosemite using the Safari browser. However, the iPhone-maker did not specifically mention China or provide any other details on the attacks.
GreatFire had squarely blamed the Chinese authorities for the attacks, which it said could be related to images and videos of the Hong Kong protests being shared on the mainland. Hackers allegedly used “man-in-the-middle” (MITM) attacks to redirect Chinese users attempting to log in to iCloud to a dummy site designed to look legitimate and trick them into entering their login details.
Apple has warned users against entering their login credentials whenever they get an invalid certificate warning in their browser while visiting www.icloud.com. In order to verify that you are connected to the authentic iCloud website, you can check the contents of the digital certificate for whatever browser you are using -- instructions for Safari, Chrome, and Firefox are detailed on the same support page linked above.
An important point worth noting is that not all web browsers display an invalid certificate warning -- GreatFire's report noted that users of Qihoo, the most popular web browser in China, didn't receive any such warning, and were taken directly to the dummy site.